International Standards on Auditing (New Zealand) are in effect – are your auditing practices up to speed? As all auditors should now be very well aware New Zealand now has a new suite of mandatory auditing standards, the International Standards on Auditing (New Zealand) or otherwise known as ISA (NZ)s.
From balance dates commencing after 1 October 2009 and after New Zealand auditors of financial statements are now required to apply the complete suite of ISA (NZ)s.
This change in standards to ISA (NZ)s is the most significant change in auditing in New Zealand since the introduction of the suite of Codified Auditing Standards back in 1990. It has been followed with a change of responsibility for the standards from NZICA to the new independent Crown Entity; the External Reporting Board (XRB), which came into being on 1 July 2011.
Other than some minor modifications made to wording of the standards when these shifted from being the responsibility of the Institute’s Professional Standards Board to the XRB, it is unlikely we will see significant further changes to NZ auditing standards in the near future. This is good news and is to give NZ auditors time to integrate changes required by the ISAs (NZ) into their auditing practice.
Auditors do, however, need to ensure that they are not just ‘doing what they have always done’. The ISA (NZ)s are characterised by being longer and more explicit than the auditing standards they replace. In some cases this is due to them containing increased guidance, in others it is the result of new and more specific requirements being imposed on auditors. This can be seen by the following comparison in mandatory requirements.
|.||Codified Auditing Stds.||International Stds. on Auditing (NZ)|
|Number of Stds.||28||36|
|Mandatory “black letter” requirements||221||519|
|Number of pages||250||700|
The standards and other helpful guidance can be freely accessed at www.xrb.govt.nz
The challenge for many auditors is to be clear on what are the key changes they need to be aware of in their everyday audit practice. This is especially likely to be an issue if the chartered accountant is an occasional, rather than a full time auditor.
From practical application of these standards in the audits of a wide range of New Zealand entities, as well as acting as peer support for other auditors, the following are some of the more significant changes we at Hayes Knight Audit have noted as areas where confusion is common or where the requirements of the standards are not well implemented by occasional auditors. We stress these are not all the changes. However they do represent some of the more common ones that appear to be tripping up some auditors.
1. Increased formality of communication with management and specifically the governing body
There are now explicit matters that must be formally communicated to the governing body in every audit. Examples include whether there have been any significant difficulties encountered during the audit, significant matters discussed with management etc. For audits of issuers there are further communication requirements such as whether there are any potential threats to the auditor’s independence related safeguards applied etc. This has had the impact of lengthening the auditor’s management letter to the governing body at the conclusion of the audit. The other notable change with regard to communication with the governing body is the need for auditors to explicitly communicate any adjustments and any uncorrected misstatements. Other than clearly trivial ones, these are required to be communicated prior to the signing of the audit report and have management agree with these formally via their representation letter.
2. Increased planning requirements
One of the most noticeable impacts in the change to ISA (NZ)s in relation to planning is an increased number of explicit requirements. For example the explicit requirement from ISA (NZ) 300: Planning an Audit of Financial Statements for the engagement partner and other key members of the engagement team to be involved in the planning of the audit and to discuss this with all other members of the team. While this may not seem extraordinary for many reading this, the challenge for auditors is to ensure they clearly document that this has occurred and the resulting impact on their audit approach.
3. Documentation expectations increased
In the words of a American PCAOB inspector when reviewing a NZ big 4 audit firm: “If it aint documented it aint done!” The increase in the explicit requirements in the audit standards brings with it a corresponding increase in documentation required. This is in order for the auditor to have evidence on their audit file to be able to show that they have complied with the requirements.
4. Audits of Group Financial Statements
If the audit of group financial statements includes relying on the work of component auditors then there are much greater responsibilities upon the group auditor under the ISA (NZ)s. These increased requirements mainly involve the level of communication required regarding planning, approach, documentation and evidence.
5. More care required around the audit report wording
There is more to go into the new audit reports and most significantly the content variations can be much greater. This means the days of hauling out the audit report standard wording and using it for 95% of your audits is over. Much more specific case by case consideration is required – and the changes to wording required impact more than just the final opinion paragraph.
6. Modifications of audit reports rather than qualifications
Some terminology change. Previously anything other than a clean audit opinion was known by most as a qualified opinion. Now the standards talk of unmodified and modified opinions. Modified opinions can be:
- A qualified opinion – Auditor disagrees with some limited areas or a limitation of scope over part of the financial statements
- An adverse opinion – serious disagreement with treatment which makes the financial statements misleading
- A disclaimer of opinion – limitation of scope so significant that cannot express any opinion
7. Separate opinion in accordance with laws or regulations within audit reports
Auditors sometimes have specific legislative reporting requirements in addition to the audit of financial statements. A common example is that an audit under the Financial Reporting Act 1993 that requires the auditor to explicitly state whether:
- they have obtained all the information and explanations they have required; and
- whether proper accounting records have been kept by the company.
Such other legislative requirements are now required to be disclosed under a separate heading after the auditor’s opinion on the financial statements.
8. Greater pull through of prior year audit qualifications
The impact of audit report qualifications in prior years are now required to be given much greater consideration under the new audit reporting standards. Often this will mean that if an audit report was qualified in the prior year then that fact and the potential impact on the comparability of comparatives needs to be mentioned in the audit report for the current period. Hence in most cases any qualification of an audit opinion will now impact two years, albeit that the wording will change from year to year, rather than just appearing in the current year.
9. More work required around special purpose financial statements
Some clients are able to and choose to prepare special purpose financial reports instead of preparing a general purpose report by following all applicable Financial Reporting Standards. If this is the case then there is now a much more explicit requirement on the auditor to assess the appropriateness of use of that special purpose prior to agreeing the terms the engagement. This situation also has audit reporting implications.
10. Specific requirements for “significant” risks
Significant risks – those material risks that “in the auditor’s judgement, require special audit consideration” have a number of specific requirements under the ISA (NZ) standards – so it is important for the auditor to clearly articulate which risk these are in their audit documentation.
If the auditor determines that a significant risk exists, they are required to obtain an understanding of the entity’s controls relevant to that risk.
Auditors need to be careful to ensure their response is appropriate in the context of the ISA (NZ) requirements:
- The nature of evidence obtained needs to be appropriate – the response to a significant risk must include substantive procedures – analytical procedures alone will not be sufficient for significant risks.
- There are a number of areas that have specific requirements for significant risks identified, including fraud, related parties and estimates.
- The absence of controls over a significant risk is itself a significant deficiency in internal control as requires inclusion in your reporting to the governing body.
International Standards on Auditing (New Zealand) have changed the requirements for New Zealand auditors. It is important that anyone auditing financial statements in New Zealand is fully aware of these changes, has invested the appropriate time in understanding them, and has taken the necessary steps to change their practices as appropriate.